General
Target
8937a33af404ed499b426959e47ecd4ecd20b54e0cb198f259255b3275d0692f
Size
580KB
Sample
241106-l68nhayfjm
MD5
41644f84519e562454eae4cfb3c6c2bb
SHA1
b8153f16bfef046cd23cab037fa59c1e154d50c3
SHA256
8937a33af404ed499b426959e47ecd4ecd20b54e0cb198f259255b3275d0692f
SHA512
0c70f1bdba63113d281c9152778776b62c41301834861d050bea7c973fc59ade04cb714c3d83bcc1eaf964183d9de541437229f7aa07114493368cbc23dddac8
SSDEEP
12288:EMrgy90Y7kuVzDHjLHFFxyxhlIdfaqK/uihYSEg5e:cyH77VzrjhaSc3f8l
Static task
static1
Behavioral task
behavioral1
Sample
8937a33af404ed499b426959e47ecd4ecd20b54e0cb198f259255b3275d0692f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fukia
193.233.20.13:4136
auth_value
e5783636fbd9e4f0cf9a017bce02e67e
Targets
Target
8937a33af404ed499b426959e47ecd4ecd20b54e0cb198f259255b3275d0692f
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application